17 matches found
EUVD-2012-4826
Malware in sbrugna...
EUVD-2012-4827
Malware in sbrugna...
CVE-2012-4902
Multiple cross-site request forgery CSRF vulnerabilities in Template CMS 2.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 create an administrator user via an add action to admin/index.php or 2 conduct static PHP code injection attacks via...
Cross site scripting
Cross-site scripting XSS vulnerability in Template CMS 2.1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the themeseditor parameter in an addtemplate action to admin/index.php...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Template CMS 2.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 create an administrator user via an add action to admin/index.php or 2 conduct static PHP code injection attacks via...
CVE-2012-4901
Cross-site scripting XSS vulnerability in Template CMS 2.1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the themeseditor parameter in an addtemplate action to admin/index.php...
CVE-2012-4902
CVE-2012-4902 concerns Template CMS 2.1.1 and earlier. The vulnerability is a CSRF flaw that lets an attacker trick an authenticated administrator into performing unauthorized actions, including adding a new administrator account and potentially triggering code execution through the admin interfa...
CVE-2012-4901
Template CMS (version 2.1.1 and earlier) is affected by a Cross‑Site Scripting (CWE-79) vulnerability in the themes_editor parameter passed to admin/index.php during add_template, enabling remote injection of arbitrary HTML/JS. Public advisories (HTB23115) describe the issue and note CSRF concern...
CVE-2012-4902
Multiple cross-site request forgery CSRF vulnerabilities in Template CMS 2.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 create an administrator user via an add action to admin/index.php or 2 conduct static PHP code injection attacks via...
template cms 2.1.1 - Multiple Vulnerabilities
No description provided by source...
Multiple vulnerabilities in Template CMS
Advisory ID: HTB23115 Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, Cross-Site Request Forgery CWE-352 CV...
Template CMS 2.1.1 - Multiple Vulnerabilities
Template CMS 2.1.1 - Multiple Vulnerabilities Advisory ID: HTB23115 Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting...
Template CMS 2.1.1 - Multiple Vulnerabilities
Advisory ID: HTB23115 Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, Cross-Site Request Forgery CWE-352 CV...
Template CMS 2.1.1 Cross Site Request Forgery / Cross Site Scripting
Exploit for php platform in category web applications Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting CWE-79,...
Template CMS 2.1.1 Cross Site Request Forgery / Cross Site Scripting
Advisory ID: HTB23115 Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, Cross-Site Request Forgery CWE-352 CV...
Multiple vulnerabilities in Template CMS
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Template CMS, which can be exploited to perform Cross-Site Scripting XSS and Сross-Site Request Forgery CSRF attacks. 1 Cross-Site Scripting XSS in Template CMS: CVE-2012-4901 Input passed via the "themeseditor" POST...
Template CMS (FCKEditor) File Upload Vulnerability
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 »...